This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6725f8-9ab9-4102-83d3-bc49291b4aaa/1/AfKCe3eoQWEy1uxfoPuR6eANwYY.roa File: AfKCe3eoQWEy1uxfoPuR6eANwYY.roa (raw, json) Hash identifier: 91ThPj8ugGh8/5I3Q1tQOs17cu6H9LI8ziMSoHRM8QQ= Subject key identifier: 01:F2:82:7B:77:A8:41:61:32:D6:EC:5F:A0:FB:91:E9:E0:0D:C1:86 Certificate issuer: /CN=b1e59db1bdaf213cad21025f778fac9618fd4e91 Certificate serial: 019B7F155FF8144698EE00A4E35C66383695 Authority key identifier: B1:E5:9D:B1:BD:AF:21:3C:AD:21:02:5F:77:8F:AC:96:18:FD:4E:91 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/seWdsb2vITytIQJfd4-slhj9TpE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6725f8-9ab9-4102-83d3-bc49291b4aaa/1/AfKCe3eoQWEy1uxfoPuR6eANwYY.roa Signing time: Fri 02 Jan 2026 14:21:05 +0000 ROA not before: Fri 02 Jan 2026 14:21:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202433 IP address blocks: 194.35.248.0/24 maxlen: 24 194.35.249.0/24 maxlen: 24 194.35.250.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/6725f8-9ab9-4102-83d3-bc49291b4aaa/1/seWdsb2vITytIQJfd4-slhj9TpE.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/6725f8-9ab9-4102-83d3-bc49291b4aaa/1/seWdsb2vITytIQJfd4-slhj9TpE.mft rsync://rpki.ripe.net/repository/DEFAULT/seWdsb2vITytIQJfd4-slhj9TpE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:5f:f8:14:46:98:ee:00:a4:e3:5c:66:38:36:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b1e59db1bdaf213cad21025f778fac9618fd4e91 Validity Not Before: Jan 2 14:21:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=01f2827b77a8416132d6ec5fa0fb91e9e00dc186 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:5a:1e:ba:c4:f9:f7:f5:4b:b9:3f:75:31:4b: 2d:ac:68:23:56:b4:22:b7:31:36:24:c7:a3:2d:8b: 31:6e:e7:c9:47:ea:a0:64:55:ea:ef:2c:f0:b5:48: 84:cb:1c:82:9d:b9:ef:1a:2a:97:0e:82:98:e7:3c: cb:8a:14:b4:6b:df:9d:5b:95:ff:61:6b:c2:51:d5: 65:f4:fe:ac:92:ea:c0:76:fe:c5:70:0e:df:b4:49: 8e:2d:7e:39:84:52:ac:c8:e1:7c:bb:fb:45:ff:f6: 54:7e:87:c1:4c:8e:98:e8:54:fb:b8:9f:90:c6:a5: 28:7c:af:16:ad:7e:44:f7:c0:fc:d4:60:75:f0:45: 9b:e7:58:8d:c1:2e:bb:82:34:87:e4:ce:8e:76:60: 81:da:40:7f:4e:06:70:12:01:8b:14:4d:06:c1:9b: 48:92:8e:6d:07:a3:bc:69:60:56:b5:5e:c2:02:2f: 2f:ae:79:0b:ab:40:2b:3c:e7:06:49:fb:23:4f:c1: cb:fc:2e:f5:7f:24:b3:0c:b3:88:a5:0b:d6:55:ee: 1f:02:0b:0e:ff:33:d0:1c:d2:9d:61:78:6c:5d:55: 67:36:94:1a:7c:f5:71:e3:61:48:e5:08:50:5b:c7: 07:5e:51:76:35:41:b1:71:13:ba:7e:7d:ac:77:89: 33:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:F2:82:7B:77:A8:41:61:32:D6:EC:5F:A0:FB:91:E9:E0:0D:C1:86 X509v3 Authority Key Identifier: keyid:B1:E5:9D:B1:BD:AF:21:3C:AD:21:02:5F:77:8F:AC:96:18:FD:4E:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/seWdsb2vITytIQJfd4-slhj9TpE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6725f8-9ab9-4102-83d3-bc49291b4aaa/1/AfKCe3eoQWEy1uxfoPuR6eANwYY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6725f8-9ab9-4102-83d3-bc49291b4aaa/1/seWdsb2vITytIQJfd4-slhj9TpE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.35.248.0/22 Signature Algorithm: sha256WithRSAEncryption 77:15:45:59:01:e0:12:fb:90:44:55:32:19:5f:b3:04:d6:cd: 2c:fd:d9:a6:b8:45:96:10:d0:84:3f:97:64:e0:fd:3a:8b:8c: d7:ac:29:62:89:9d:30:93:71:73:7e:b1:61:0f:a3:9f:c6:5b: 98:f2:fd:36:17:fd:47:e6:b3:db:af:bf:4b:78:31:5d:de:45: a7:8c:6b:64:1d:4c:4e:fc:77:ef:12:1e:37:93:07:96:9b:1b: 0b:09:c9:12:8b:c1:9a:cb:fe:a4:d8:38:de:37:26:21:53:e9: b1:93:4e:05:e3:1d:93:bb:d5:51:63:de:b2:a2:ca:65:94:5d: 0d:fa:7d:0e:3f:a3:94:90:43:14:f0:da:a9:f7:a2:7d:e2:5b: c7:ad:8b:ff:48:da:99:e4:bd:5c:e5:63:b5:31:8f:f9:14:7e: e2:f4:ab:6b:47:a5:c2:ac:41:0f:0e:37:4b:a2:28:65:fa:be: f2:26:e6:a0:17:af:80:f3:b8:db:2b:5f:7a:cd:b7:b4:d3:97: 6c:02:43:49:ca:bf:13:d4:d6:87:1a:d9:8e:7f:18:da:a9:f0: 8c:d6:92:8f:69:0a:8d:f4:a2:85:b8:a6:b0:fb:4f:b0:92:3e: 9e:6f:33:fa:4d:51:20:ae:f2:49:2b:f1:b7:9d:e8:27:5e:d3: 24:55:51:07 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/FV/4FEaY7gCk41xmODaVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxZTU5ZGIxYmRhZjIxM2NhZDIxMDI1Zjc3OGZhYzk2MThm ZDRlOTEwHhcNMjYwMTAyMTQyMTA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMWYyODI3Yjc3YTg0MTYxMzJkNmVjNWZhMGZiOTFlOWUwMGRjMTg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1oeusT59/VLuT91MUstrGgjVrQi tzE2JMejLYsxbufJR+qgZFXq7yzwtUiEyxyCnbnvGiqXDoKY5zzLihS0a9+dW5X/ YWvCUdVl9P6skurAdv7FcA7ftEmOLX45hFKsyOF8u/tF//ZUfofBTI6Y6FT7uJ+Q xqUofK8WrX5E98D81GB18EWb51iNwS67gjSH5M6OdmCB2kB/TgZwEgGLFE0GwZtI ko5tB6O8aWBWtV7CAi8vrnkLq0ArPOcGSfsjT8HL/C71fySzDLOIpQvWVe4fAgsO /zPQHNKdYXhsXVVnNpQafPVx42FI5QhQW8cHXlF2NUGxcRO6fn2sd4kzfQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFAHygnt3qEFhMtbsX6D7kengDcGGMB8GA1UdIwQY MBaAFLHlnbG9ryE8rSECX3ePrJYY/U6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2VXZHNiMnZJVHl0SVFKZmQ0LXNsaGo5VHBFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82NzI1ZjgtOWFiOS00MTAyLTgzZDMt YmM0OTI5MWI0YWFhLzEvQWZLQ2UzZW9RV0V5MXV4Zm9QdVI2ZUFOd1lZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS82NzI1ZjgtOWFiOS00MTAyLTgzZDMtYmM0OTI5MWI0YWFh LzEvc2VXZHNiMnZJVHl0SVFKZmQ0LXNsaGo5VHBFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwiP4MA0G CSqGSIb3DQEBCwUAA4IBAQB3FUVZAeAS+5BEVTIZX7ME1s0s/dmmuEWWENCEP5dk 4P06i4zXrCliiZ0wk3FzfrFhD6OfxluY8v02F/1H5rPbr79LeDFd3kWnjGtkHUxO /HfvEh43kweWmxsLCckSi8Gay/6k2DjeNyYhU+mxk04F4x2Tu9VRY96yospllF0N +n0OP6OUkEMU8Nqp96J94lvHrYv/SNqZ5L1c5WO1MY/5FH7i9KtrR6XCrEEPDjdL oihl+r7yJuagF6+A87jbK196zbe005dsAkNJyr8T1NaHGtmOfxjaqfCM1pKPaQqN 9KKFuKaw+0+wkj6ebzP6TVEgrvJJK/G3negnXtMkVVEH -----END CERTIFICATE-----Generated at Tue Jan 27 10:40:58 2026 by rpki-client